Short Name |
HTTP:STC:CHROME:FILE-DOWNLOAD |
---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Google Chrome Arbitrary File Download |
Release Date |
2012/12/17 |
Update Number |
2211 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects the download of a maliciously crafted HTML document via Google Chrome. The document forces Google Chrome to download a file specified by the HTML document creator.
Google Chrome is prone to a security vulnerability because the application allows users to download arbitrary files without confirmation. This issue may allow attackers to perform social-engineering or other attacks to trick users into downloading a malicious file.